Windows XML Flaw Being Actively Exploited

On Tuesday, Microsoftpatched over two dozen vulnerabilities across the Windows platform. At the same time, criminals started targeted a new vulnerability that has now become the topic of interest within the security-focused community, especially when Google announced that it is being actively exploited.

As it turns out, Google discovered the flaw and reported it to Microsoft on May 30. Since the initial report, the two technology giants have worked to create a temporary fix until an official patch is released. Microsoft published Security Advisory 2719615 on Tuesday, separate from the ones related to this month’s security releases.

The vulnerability resides within Microsoft’s XML Core Services 3.0, 4.0, and 6.0. If exploited via a malicious website, the attackers could gain the ability to execute code remotely.

“We discovered this vulnerability—which is leveraged via an uninitialized variable—being actively exploited in the wild for targeted attacks, and we reported it to Microsoft on May 30th,” Google wrote in a recent blog post.

“These attacks are being distributed both via malicious web pages intended for Internet Explorer users and through Office documents. Users running Windows XP up to and including Windows 7 are known to be vulnerable.”

Users and administrators are advised to apply the FixIt update referenced in Microsoft’s advisory sooner rather than later.

Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.